Skip to main content
PATCH
/
credentials
/
{id}
Update
curl --request PATCH \
  --url https://api.ngrok.com/credentials/{id} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --header 'ngrok-version: <ngrok-version>' \
  --data '{
  "id": "<string>",
  "description": "<string>",
  "metadata": "<string>",
  "acl": [
    "<string>"
  ]
}'
{
  "id": "<string>",
  "uri": "<string>",
  "created_at": "<string>",
  "description": "<string>",
  "metadata": "<string>",
  "token": "<string>",
  "acl": [
    "<string>"
  ],
  "owner_id": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Headers

ngrok-version
integer
default:2
required

Path Parameters

id
string
required

Body

application/json
id
string

n/a

description
string

human-readable description of who or what will use the credential to authenticate. Optional, max 255 bytes.

metadata
string

arbitrary user-defined machine-readable data of this credential. Optional, max 4096 bytes.

acl
string[]

optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is the bind rule. The bind rule allows the caller to restrict what domains, addresses, and labels the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rule bind:example.ngrok.io. Bind rules for domains may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule of bind:*.example.com which will allow x.example.com, y.example.com, *.example.com, etc. Bind rules for labels may specify a wildcard key and/or value to match multiple labels. For example, you may specify a rule of bind:*=example which will allow x=example, y=example, etc. A rule of '*' is equivalent to no acl at all and will explicitly permit all actions.

Response

200 - application/json

Update attributes of an tunnel authtoken credential by ID

id
string

unique tunnel credential resource identifier

uri
string

URI of the tunnel credential API resource

created_at
string

timestamp when the tunnel credential was created, RFC 3339 format

description
string

human-readable description of who or what will use the credential to authenticate. Optional, max 255 bytes.

metadata
string

arbitrary user-defined machine-readable data of this credential. Optional, max 4096 bytes.

token
string

the credential's authtoken that can be used to authenticate an ngrok agent. This value is only available one time, on the API response from credential creation, otherwise it is null.

acl
string[]

optional list of ACL rules. If unspecified, the credential will have no restrictions. The only allowed ACL rule at this time is the bind rule. The bind rule allows the caller to restrict what domains, addresses, and labels the token is allowed to bind. For example, to allow the token to open a tunnel on example.ngrok.io your ACL would include the rule bind:example.ngrok.io. Bind rules for domains may specify a leading wildcard to match multiple domains with a common suffix. For example, you may specify a rule of bind:*.example.com which will allow x.example.com, y.example.com, *.example.com, etc. Bind rules for labels may specify a wildcard key and/or value to match multiple labels. For example, you may specify a rule of bind:*=example which will allow x=example, y=example, etc. A rule of '*' is equivalent to no acl at all and will explicitly permit all actions.

owner_id
string

If supplied at credential creation, ownership will be assigned to the specified User or Bot. Only admins may specify an owner other than themselves. Defaults to the authenticated User or Bot.